From: Erland Sommarskog (sommar-usefor@algonet.se)
Date: Sat Jan 19 2002 - 14:39:26 CST
Bill Davidsen <davidsen@prodigy.com> writes:
> I think this is not relevant to the question of rewriting or providing
> Sender. No one has questioned that an injector could reject a post
> without that field set, with wrong information in the From header,
> whatever. But deliberately giving out a real identification of the poster
> is another issue, and raises privacy concerns.
What is current practice today? Many years ago, if I were to post an
article with someone else's name, because he had problem with his
newsfeed, my newsserver would insert "Sender: sommar@enea.se". Has
this gone completely out of fahsion?
I mean, we are to document existing practice, and if we are to outlaw
current practice we should not do this of political reasons. Pointing
out that there is a privacy concern is OK for me, but it's not OK for
me to change the standard because of this.
Technical reasons, i.e. signing is another matter. If we believe that
inserting Sender will break signed headers that might be introduced
in the future, then it would be correct to deprecate Sender.
-- Erland Sommarskog, Stockholm, sommar@algonet.se